CVE-2024-47254

In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient Verification of Data Authenticity vulnerability could allow an attacker to escalate their privileges and gain root access to the system.
Configurations

Configuration 1 (hide)

cpe:2.3:a:2n:access_commander:*:*:*:*:*:*:*:*

History

07 Nov 2024, 12:15

Type Values Removed Values Added
References
  • {'url': 'https://www.2n.com/en-GB/about-2n/cybersecurity/', 'tags': ['Product'], 'source': 'product-security@axis.com'}
  • () https://www.2n.com/en-GB/download/Access-Commander-Security-Advisory-2024-11 -

06 Nov 2024, 22:22

Type Values Removed Values Added
First Time 2n
2n access Commander
CPE cpe:2.3:a:2n:access_commander:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 6.3
v2 : unknown
v3 : 7.2
CWE NVD-CWE-noinfo
References () https://www.2n.com/en-GB/about-2n/cybersecurity/ - () https://www.2n.com/en-GB/about-2n/cybersecurity/ - Product

05 Nov 2024, 16:04

Type Values Removed Values Added
Summary
  • (es) En las versiones 3.1.1.2 y anteriores de 2N Access Commander, una vulnerabilidad de verificación insuficiente de la autenticidad de los datos podría permitir que un atacante aumente sus privilegios y obtenga acceso de root al sistema.

05 Nov 2024, 10:20

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-05 10:20

Updated : 2024-11-07 12:15


NVD link : CVE-2024-47254

Mitre link : CVE-2024-47254

CVE.ORG link : CVE-2024-47254


JSON object : View

Products Affected

2n

  • access_commander
CWE
NVD-CWE-noinfo CWE-345

Insufficient Verification of Data Authenticity